GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
3,439 advisories
Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.
High severity, Unreviewed: CVE-2013-7473 was published May 5, 2022
The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.
High severity, Unreviewed: CVE-2013-7476 was published May 5, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing...
High severity, Unreviewed: CVE-2022-25778 was published May 5, 2022
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly...
High severity, Unreviewed: CVE-2022-0916 was published May 4, 2022
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems...
High severity, Unreviewed: CVE-2008-4247 was published May 3, 2022
Rainworx Auctionworx < 3.1R2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that...
High severity, Unreviewed: CVE-2022-23904 was published May 3, 2022
The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks...
High severity, Unreviewed: CVE-2022-0952 was published May 3, 2022
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at...
High severity, Unreviewed: CVE-2009-0486 was published May 2, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component...
High severity, Unreviewed: CVE-2008-4128 was published May 2, 2022
Django cross-site request forgery (CSRF) vulnerability
High severity: CVE-2008-3909 was published for django (pip) May 2, 2022
Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and...
High severity, Unreviewed: CVE-2008-3759 was published May 2, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola Surfboard with software...
High severity, Unreviewed: CVE-2008-2002 was published May 1, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central...
High severity, Unreviewed: CVE-2008-1250 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT...
High severity, Unreviewed: CVE-2008-0524 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G...
High severity, Unreviewed: CVE-2008-0228 was published May 1, 2022
Plone Cross-site request forgery (CSRF)
High severity: CVE-2008-0164 was published for Plone (pip) May 1, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the...
High severity, Unreviewed: CVE-2007-6730 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows...
High severity, Unreviewed: CVE-2007-5818 was published May 1, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02...
High severity, Unreviewed: CVE-2007-5213 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote...
High severity, Unreviewed: CVE-2007-1157 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in util.pl in @Mail WebMail 4.51, and util.php in...
High severity, Unreviewed: CVE-2006-6701 was published May 1, 2022
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
High severity: CVE-2006-5878 was published for trac (pip) May 1, 2022
Cross-site request forgery (CSRF) vulnerability in the administrative interface for the...
High severity, Unreviewed: CVE-2006-5175 was published May 1, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to...
High severity, Unreviewed: CVE-2005-1674 was published May 1, 2022
CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request...
High severity, Unreviewed: CVE-2016-6578 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API.